Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
5 ways you can strengthen and secure your network infrastructure with Firewall Analyzer
1. 5 ways to secure your network with Firewall Analyzer
2. Prominence of a Firewall log analyzer
• Firewall log contains vital information that
can provide intelligence and powerful
insights into the security issues.
• Without a log analysis it is difficult to
monitor traffic flow, security and device
configuration.
• Eventually resulting in security loopholes.
3. Implications of not having a Firewall Analyzer
Without a Firewall log analyzer, a network administrator remains clueless about the state of
firewall security and cannot take precautionary measures leading to:
• Policy violations.
• Internal and external threats.
• Regulatory compliance.
• Network, host, and user activity anomalies.
4. How could it affect you?
• Bandwidth Outage.
• Prone to network hack and security
breaches.
• No track of configuration changes.
• Unable to keep up with audit
compliance.
5. What can you do ?
• Tracking and analyzing the firewall log is
imperative to ensure network security.
• A sound maintenance policy needs to be in
place.
• Choosing a proper log analyzer tool is
imperative in order to protect firewall and
the network.
6. ManageEngine Firewall Analyzer to the rescue
Firewall Analyzer analyzes your firewall and proxy server logs and answers questions
like the following:
• Who are the top Web surfers in the company, and what web sites are they visiting?
• How many users inside the firewall are trying to access web sites with
inappropriate content?
• How much network activity originates on each side of the firewall?
• Are we experiencing hack attempts? Where are they originating?
• Which servers receive the most hits?
7.
8. #1 Security Audit
Without security information you might not be updated with the security related issues leading
to network vulnerability. Firewall analyzer provides elaborate compliance report with the
following benefits:
• Audits & analyzes the complete firewall
security and configuration.
• Provides a security audit report with
rating.
• Asses the best way to fix the issue.
• Recommends best practices based on
the report.
9.
10.
11.
12.
13.
14. #2 Compliance Management
Be 100% Compliant to Regulatory Mandates with Firewall Analyzer’s out-of-the-box reports. Firew
Analyzer's Compliance Management System :
• Supports different compliance formats
such as PCI, ISO, SANS, NIST, NERC.
• Continuously monitors your firewall
rule changes.
• Reports instantly on any rule
misconfigurations.
• Automatically schedules 'Security
Audit Reports’.
20. #3 Forensics Analysis
Firewall Analyzer lets you to:
• Search the raw logs of Firewall to
pinpoint the exact log entry which
caused the security activity.
• Mine the security incidents using
the advanced search of raw Firewall
logs. This makes security incident
mining easy, which is otherwise a task
with huge manually effort.
Investigate security incidents trail and prevent
recurring breaches
Log searches play a primary role in case of tracking and identifying any security activity.
21.
22. #4 Firewall Policy Optimization
Firewall policy anomaly reporting allows you to
optimize policies and plug all security holes as well
as optimize the performance of your firewalls.
Firewall Analyzer offers an exhaustive set of Firewall
policy anomaly reports such as:
• Correlation
• Generalization
• Redundancy
• Shadow
• Grouping
23.
24. #5 Insider Threat Detection
• Internet sites accessed.
• Protocols used for communication.
• Notification when accessing restricted
sites.
Firewall Analyzer application provides you with the following insights
& alerts about the employee internet usage such as :
• Notification on anomalies like sudden spike
in internet usage.
• Live internet bandwidth graphs with finer
details of inbound and outbound traffic
flows.